SuSE9 Security Update : the Linux kernel (YOU Patch Number 12677)

This patch updates the SUSE Linux Enterprise Server 9 kernel to fix various security issues and some bugs. The following security issues were fixed : - The hciuartttyopen function in the HCI UART driver drivers/bluetooth/hcildisc.c in the Linux kernel did not verify whether the tty has a write...

RHEL 6 : kernel (RHSA-2012:0481)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0481 advisory. - kernel: sysctl: restrict write access to dmesgrestrict CVE-2011-4080 - kernel: block: CLONEIO iocontext refcounting issues CVE-2012-0879 -...

kernel: cifs: dentry refcount leak when opening a FIFO on lookup leads to panic on unmount

The cifslookup function in fs/cifs/dir.c in the Linux kernel before 3.2.10 allows local users to cause a denial of service OOPS via attempted access to a special file, as demonstrated by a FIFO...

SuSE 11.1 Security Update : Xen and libvirt (SAT Patch Number 5796)

This collective update 2012/02 for Xen provides fixes for the following reports : Xen : - 740165: Fix heap overflow in e1000 device emulation applicable to Xen qemu - CVE-2012-0029 - 739585: Xen block-attach fails after repeated attach/detach - 727515: Fragmented packets hang network boot of HVM...

FreeBSD UIPC socket stack overflow-vulnerability warning-the black bar safety net

!/ bin/sh fbsd-uipcsock-heap.sh, by Shaun Colley a, 29/09/11 proof-of-concept crash for the freebsd unix domain sockets heap overflow. this was tested on freebsd 8.2-RELEASE. just a PoC for now. see advisory & patches for details: http://www.securityfocus.com/archive/1/519864/30/0/threaded this P...

RHEL 6 : kernel (RHSA-2012:0350)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2012:0350 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: A...

Debian Security Advisory DSA 2325-1 (kfreebsd-8)

The remote host is missing an update to kfreebsd-8 announced via advisory DSA 2325-1. OpenVAS Vulnerability Test $Id: deb23251.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2325-1 kfreebsd-8 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7918)

This Linux kernel update fixes various security issues and bugs in the SUSE Linux Enterprise 10 SP4 kernel. This update fixes the following security issues : - X.25 remote DoS. CVE-2010-3873. bnc651219 - X.25 remote Dos. CVE-2010-4164. bnc653260 - 1 socket local DoS. CVE-2010-4249. bnc655696 -...

Linux IGMP Remote Denial Of Service (Introduced in linux-2.6.36)

No description provided by source. / linux-undeadattack.c Linux IGMP Remote Denial Of Service Introduced in linux-2.6.36 CVE-2012-0207 credits to Ben Hutchings: http://womble.decadent.org.uk/blog/igmp-denial-of-service-in-linux-cve-2012-0207.html written By Kingcope Year 2012 Ripped & modified co...

Linux IGMP Remote Denial Of Service (Introduced in linux-2.6.36)

Exploit for linux platform in category dos / poc / linux-undeadattack.c Linux IGMP Remote Denial Of Service Introduced in linux-2.6.36 CVE-2012-0207 credits to Ben Hutchings: http://womble.decadent.org.uk/blog/igmp-denial-of-service-in-linux-cve-2012-0207.html written By Kingcope Year 2012 Ripped...

PT-2012-2399 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.2.1 Description: The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and a kernel panic, through IGMP packets. This is due to the igmp heard query function in...

PT-2012-2256 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.1.9 Description: The issue is caused by an integer overflow in the xfs acl from disk function, which can lead to a heap-based buffer overflow when a local user interacts with a filesystem containing a malforme...

kexec-tools security, bug fix, and enhancement update

2.0.0-209.0.1.el6 - Make sure '--allow-missing' is effective by adding to MKDUMPRDARGS in kdump.sysconfig, kdump.sysconfig.i386, and kdump.sysconfig.x8664 12590865 11678808 2.0.0-209 - Improve debugfs mounting code, from Dave Young. Resolve bug 748748. 2.0.0-208 - Search DUP firmware directory to...

SuSE 10 Security Update : Xen (ZYPP Patch Number 7547)

This collective June/2011 Update for Xen provides the following fixes : - Xen does not properly check the upper boundary of user-supplied data in the getfreeport function when getting a new event channel port. A local user on the guest operating system can exploit this flaw to cause denial of...

CVE-2011-1349: Android PowerVR SGX driver denial of service

CVE-2011-1349: Android PowerVR SGX driver denial of service due to a NULL pointer dereference in PVRSRV_BRIDGE_CREATE_DEVMEMCONTEXT handler, allowing a local attacker to cause a kernel panic. Affected component: PowerVR SGX graphics driver on Android. Exploitation details are not provided in the ...

DSA-2325-1 kfreebsd-8 - privilege escalation/denial of service

Bulletin has no description...

RHEL 5 : kernel (RHSA-2011:1386)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:1386 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security fixes: The maximum file offset handling for...

kernel: panic occurs when clock_gettime() is called

The divlonglongrem implementation in include/asm-x86/div64.h in the Linux kernel before 2.6.26 on the x86 platform allows local users to cause a denial of service Divide Error Fault and panic via a clockgettime system call...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Updated kernel packages that fix several security issues, various bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, whi...

FreeBSD UIPC Socket Heap Overflow

!/bin/sh fbsd-uipcsock-heap.sh, by Shaun Colley , 29/09/11 proof-of-concept crash for the freebsd unix domain sockets heap overflow. this was tested on freebsd 8.2-RELEASE. just a PoC for now. see advisory & patches for details: http://www.securityfocus.com/archive/1/519864/30/0/threaded this PoC...